Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: ed004e3b by Salvatore Bonaccorso at 2025-04-02T17:39:49+02:00 Merge Linux CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,35 @@ +CVE-2025-21994 [ksmbd: fix incorrect validation for num_aces field of smb_acl] + - linux 6.12.21-1 + NOTE: https://git.kernel.org/linus/1b8b67f3c5e5169535e26efedd3e422172e2db64 (6.14-rc6) +CVE-2025-21993 [iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()] + - linux 6.12.20-1 + NOTE: https://git.kernel.org/linus/07e0d99a2f701123ad3104c0f1a1e66bce74d6e5 (6.14-rc2) +CVE-2025-21992 [HID: ignore non-functional sensor in HP 5MP Camera] + - linux 6.12.20-1 + NOTE: https://git.kernel.org/linus/363236d709e75610b628c2a4337ccbe42e454b6d (6.14-rc3) +CVE-2025-21991 [x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes] + - linux 6.12.20-1 + NOTE: https://git.kernel.org/linus/e3e89178a9f4a80092578af3ff3c8478f9187d59 (6.14-rc7) +CVE-2025-21990 [drm/amdgpu: NULL-check BO's backing store when determining GFX12 PTE flags] + - linux 6.12.20-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/6cc30748e17ea2a64051ceaf83a8372484e597f1 (6.14-rc7) +CVE-2025-21989 [drm/amd/display: fix missing .is_two_pixels_per_container] + - linux 6.12.20-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/e204aab79e01bc8ff750645666993ed8b719de57 (6.14-rc7) +CVE-2025-21988 [fs/netfs/read_collect: add to next->prev_donated] + - linux <unfixed> + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/e25cec3b76aba47a49138d2162fc809c6cd49c9e (6.13.8) +CVE-2025-21987 [drm/amdgpu: init return value in amdgpu_ttm_clear_buffer] + - linux 6.12.19-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/d3c7059b6a8600fc62cd863f1ea203b8675e63e1 (6.14-rc5) CVE-2025-1805 NOT-FOR-US: Perl Crypt::Salt CVE-2024-11735 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed004e3bac783c60cefe2d8feeaab44a5f4ad00d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed004e3bac783c60cefe2d8feeaab44a5f4ad00d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
